BUSINESS TIPS: Lengthen password to increase security

You may not believe it, but along with "password" these three letter/number combinations remain the three most popular passwords for 2012, according to SplashData's annual 25 Worst Passwords of the Year list.

SplashData compiled the list from files containing 32 million stolen passwords posted online by hackers. A few new passwords entering the top 25 include "welcome," "Jesus," "ninja" and ever popular "password1."

In the global scope of electronic data, it is unbelievable the difference between protecting your information and jeopardizing your information can be determined by the robustness of your password.

"Long is good, and longer is better." Steven Musil with CNET News suggests to include as many different characters as possible. He also says to exclude, "anything that can be personally linked, such as birth dates or names of relatives. Choosing passwords that include words found in common dictionaries is also discouraged."

Amichai Shulman, co-founder and chief technology officer at the hacker blocking software company Imperva, studied the same list of passwords.

"About 20 percent of passwords on the list selected the same, relatively small pool of 5,000 passwords," Shulman reported.

As we begin a new year, there is no better time than right now to heed the advice of experts and begin to systematically manage your passwords.

Jeff Moss, founder of a computer hacking conference and member of the Homeland Security Advisory Council, said, "Nowadays, we have to keep probably 10 times as many passwords in our head as we did 10 years ago."

Moss relies on passwords at least 12 characters long, figuring those make him a more difficult target than the millions of people who choose five- and six-character passwords.

"It's like the joke where the hikers run into a bear in the forest, and the hiker that survives is the one who outruns his buddy!" The hackers will get to the four- and five-letter passwords first.

Managing passwords can be likened to standing on sifting sand. As soon as you get comfortable with it, it's time to change. It is recommended you change your passwords every 60 days.

It is best to commit your passwords to memory. If you write them down, be sure and secure them in a controlled access place. If you save them in electronic format, be sure the file is encrypted. Of course, never share your passwords.

Barry Wilson, head of Wharton's technology security team, suggested using a password manager.

"The best ones cost money," he said.

Wilson uses 1Password. A quick Internet search indicates that the choices available for password management are beyond numerous.

As part of getting organized in the new year, rework your passwords. I know I'm boosting mine to 12 characters, not using any personal information, adding symbols when appropriate and storing them in a controlled access place — my brain.

Hmmm, I might need to get an electronic password manager.

"Business Tips" was written by Peggy Rosser, Rural Business Development Specialist and Certified Business Adviser IV of Angelo State University's Small Business Development Center. Contact her at Peggy.Rosser@angelo.edu.